NEW YORK-As wireless carriers have closed off easier avenues for theft of services, subscriber fraud, including outright theft of identity, has emerged as the next generation of dirty dealing that carriers confront.
The chemistry for this volatile situation results from an industry in the throes of rapid expansion, with fast hiring of low-paid customer-service employees and strong pressure to sign up new customers quickly.
“In my discussions with carriers, subscriber fraud results from sloppy up-front procedures due to high employee turnover,” said Michele German, manager of business development for GTE Telecommunications Services Inc., Tampa, Fla.
“They’re not following proper procedures, or they don’t have procedures. Subscriber fraud occurs a lot because all the carriers are looking to add [customers] quickly.”
As commercial banks can well attest to, identity fraud isn’t new, but technology is making it easier to commit, said Eddie Gleason, manager of intergovernmental relations for the Personal Communications Industry Association, Alexandria, Va.
Across all industries, a significant new catalyst comes from the dark side of the information age, testified James Bauer, deputy assistant director for the U.S. Secret Service Office of Investigations, before a congressional subcommittee earlier this month. It is a shadowy, for-profit world where all kinds of important personal information stored in computers, including driver’s license and Social Security numbers, are accessible and for sale to just about anyone, not only by data-mining companies but even by state governments.
At the same time, recognition has come slowly that the genie has escaped from the bottle.
“In our research, we have not found sources able to accurately define the volume of identity fraud; however, anecdotal information from all sources indicates it is prolific,” Bauer told Congress.
Wireless carriers are just beginning to identify and measure data on the dollar effects of the various forms of subscriber fraud, including outright identity theft, said Tom McClure, director of fraud management for the Cellular Telecommunications Industry Association, Washington, D.C.
“History will repeat itself. CTIA didn’t hire paid paranoids like me until 1992. In 1994, when CTIA started looking at cloning, the spike grew to the $800 million (annual) range,” he said.
“We probably will see the same thing happening in 1998 as we look into subscriber fraud.”
Over-the-air activation of customers, a marketing tool embraced by many start-up personal communications services providers, has created a golden opportunity for subscriber fraud, Gleason said. The experience of Sprint Spectrum L.P. early in its Washington, D.C., area launch should be instructive to other PCS carriers.
“In the very beginning when Sprint Spectrum started service, they used over-the-air activation and lost a lot of money through fraudulent activity,” Gleason said.
Having learned a hard and costly lesson, Sprint Spectrum began sending “welcome” letters to new customers, thereby giving people who had been victims of subscriber fraud an opportunity to dispute that they authorized the service activation, he said.
“Welcome” calls to new subscribers are another useful checking mechanism, said Tony Zarrella, director of fraud management solutions for GTE TSI. That double check can be circumvented, however, if identity thieves list their own home or business number as a call-back. Nevertheless, it is often but not always the case that crooks are reluctant to do so because a wireline number is stationary and can be traced more easily, McClure said.
Tony Heyman, director of customer service for Omnipoint Communications Services Inc., Cedar Knolls, N.J., said the carrier recently implemented a policy of verifying, whenever possible, that a new subscriber’s wireline home number is listed in the telephone directory under the same name and address as given on the application.
In addition to the vulnerability caused by over-the-air customer activations, McClure said many of the newer wireless carrier entrants “have changed distribution channels in the last 18 months.”
Whereas potential customers typically used to go in person to a carrier’s own store, they now more often than not buy phones in all kinds of mass merchandise distribution outlets. As a result, carriers have lost some control over monitoring new customer additions.
In some key ways, Gleason and McClure said, the solutions to this high-tech problem are very low-tech: better employee management.
“The customer-care reps are your front line of defense, and you have to train them so they don’t activate someone suspected of being a fraudster without further checking,” Gleason said.
The best procedures are worthless without auditing, said McClure, who will be conducting a CTIA Subscription Fraud Workshop in June in Orlando, Fla.
“You have to have a back-end follow-up, in place; if you don’t inspect what you expect, you’ll have a weakness in the system,” he said.
McClure said he believes domestic wireless telecommunications should be graded on a curve because the industry traditionally has displayed a lower tolerance for fraud than other sectors.
Gleason said he believes wireless industry professionals also can learn from other industries. On an informal basis, PCIA carrier members have been in comparative-practices discussions with their peers in other sectors.
Adding improved technologies and information sharing with other industries can and will facilitate better employee management procedures for fraud prevention and detection, said German and Zarrella of GTE TSI.
“What we’re trying to do is improve the sophistication of screening through better systems,” Zarrella said.
“Other players provide these services, so we are pooling these resources, integrating different services and technologies.”
Carriers are becoming better and more efficient at gathering and tweaking a variety of data streams. Therefore, the cost of doing more elaborate screening likely will decline over time, while its speed will increase, said Omnipoint’s Heyman.
As for situations in which subscriber fraud is an “inside job,” McClure said most carriers have audit trails in place but would be reluctant to discuss them for publication for fear of tipping off dishonest employees. Those audit trails, he added, often were created by professionals in this specialty that new service providers hired away from incumbent carriers, which already had faced this problem.
